Tip

Understanding intrusion

Stephen Northcutt and Judy Novak

This tip, excerpted from Network Intrusion Detection: An Analyst's Handbook, by Stephen Northcutt and Judy Novak, published by New Riders, offers the first step in making your network

    Requires Free Membership to View

secure from intrusion: Understanding the nature of the problem. You can read more on this topic at InformIT.

Intrusion-detection systems exist to help computer system managers deal with security problems. To understand where intrusion detection fits in the security world, you should understand the cause of system security problems. Several models address the etiology of security problems in computer systems. I find it helpful to group system security problems into three categories. Most security scenarios result from problems that fall into one or more of these areas.

--Problems in systems design and development: Problems resulting from errors and omissions occurring in the system design and development process.

--Problems in systems management: Problems resulting from mismanagement of systems after they are placed in operational use. This area includes making mistakes in system configuration; disabling security mechanisms on systems (or never enabling them!); or failing to establish security management policies, procedures and practices.

--Problems in allocating trust appropriately: Problems resulting from a failure to accurately assess trust. This area encompasses situations in which there is an assumption of trustworthiness when no compelling evidence supports that assumption. This area includes problems in network protocols (Transmission Control Protocol/Internet Protocol, or TCP/IP, features many notorious examples), cryptographic protocols and policy.


Related book

Network Intrusion Detection: An Analyst's Handbook, Second Edition
Authors : Stephen Northcutt and Judy Novak
Publisher : New Riders
ISBN/CODE : 0735710082
Cover Type : Soft Cover
Pages : 480
Published : Sept. 2000
Summary:
Intrusion detection is one of the hottest growing areas of network security. As the number of corporate, government and educational networks grow and as they become more and more interconnected through the Internet, there is a correlating increase in the types and numbers of attacks to penetrate those networks. Network Intrusion Detection: An Analyst's Handbook, Second Edition is a training aid and reference for intrusion-detection analysts. This book is meant to be practical. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. People travel from all over the world to hear them speak, and this book will be a distillation of that experience. The book's approach is to introduce and ground topics through actual traffic patterns. The authors have been through the trenches and give you access to unusual and unique data.


This was first published in October 2000

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.